[goal] Deprecate the JSON formatted policy file

As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:

1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.

2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.

Also replace policy.json to policy.yaml ref from doc and tests.

[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html

Change-Id: Id369108f00acb6977bf24f48ff77b45a69b2908f
This commit is contained in:
Ghanshyam Mann 2020-12-24 20:28:58 -06:00
parent 9ab0c623ba
commit 017210703c
6 changed files with 52 additions and 28 deletions

View File

@ -52,18 +52,18 @@ os-service-types==1.2.0
osc-lib==1.10.0 osc-lib==1.10.0
oslo.cache==1.29.0 oslo.cache==1.29.0
oslo.concurrency==3.26.0 oslo.concurrency==3.26.0
oslo.config==5.2.0 oslo.config==6.8.0
oslo.context==2.20.0 oslo.context==2.22.0
oslo.db==4.44.0 oslo.db==4.44.0
oslo.i18n==3.20.0 oslo.i18n==3.20.0
oslo.log==3.44.0 oslo.log==3.44.0
oslo.messaging==5.36.0 oslo.messaging==5.36.0
oslo.middleware==3.35.0 oslo.middleware==3.35.0
oslo.policy==1.34.0 oslo.policy==3.6.0
oslo.serialization==2.25.0 oslo.serialization==2.25.0
oslo.service==1.30.0 oslo.service==1.30.0
oslo.upgradecheck==0.1.1 oslo.upgradecheck==1.3.0
oslo.utils==3.36.0 oslo.utils==3.40.0
oslotest==3.3.0 oslotest==3.3.0
osprofiler==2.0.0 osprofiler==2.0.0
packaging==17.1 packaging==17.1
@ -99,14 +99,14 @@ python-subunit==1.2.0
python-swiftclient==3.5.0 python-swiftclient==3.5.0
python-troveclient==2.2.0 python-troveclient==2.2.0
pytz==2018.3 pytz==2018.3
PyYAML==3.13 PyYAML==5.1
pyzabbix==0.7.4 pyzabbix==0.7.4
reno==3.1.0 reno==3.1.0
repoze.lru==0.7 repoze.lru==0.7
requests==2.18.4 requests==2.20.0
requests-mock==1.4.0 requests-mock==1.4.0
requestsexceptions==1.4.0 requestsexceptions==1.4.0
rfc3986==1.1.0 rfc3986==1.2.0
Routes==2.4.1 Routes==2.4.1
setproctitle==1.1.10 setproctitle==1.1.10
simplejson==3.13.2 simplejson==3.13.2

View File

@ -0,0 +1,20 @@
---
upgrade:
- |
The default value of ``[oslo_policy] policy_file`` config option has
been changed from ``policy.json`` to ``policy.yaml``.
Operators who are utilizing customized or previously generated
static policy JSON files (which are not needed by default), should
generate new policy files or convert them in YAML format. Use the
`oslopolicy-convert-json-to-yaml
<https://docs.openstack.org/oslo.policy/latest/cli/oslopolicy-convert-json-to-yaml.html>`_
tool to convert a JSON to YAML formatted policy file in
backward compatible way.
deprecations:
- |
Use of JSON policy files was deprecated by the ``oslo.policy`` library
during the Victoria development cycle. As a result, this deprecation is
being noted in the Wallaby cycle with an anticipated future removal of support
by ``oslo.policy``. As such operators will need to convert to YAML policy
files. Please see the upgrade notes for details on migration of any
custom policy files.

View File

@ -10,16 +10,16 @@ lxml>=4.5.2 # BSD
PyMySQL>=0.8.0 # MIT License PyMySQL>=0.8.0 # MIT License
python-dateutil>=2.7.0 # BSD python-dateutil>=2.7.0 # BSD
networkx>=2.4 # BSD networkx>=2.4 # BSD
oslo.config>=5.2.0 # Apache-2.0 oslo.config>=6.8.0 # Apache-2.0
oslo.context>=2.20.0 # Apache-2.0 oslo.context>=2.22.0 # Apache-2.0
oslo.db>=4.44.0 # Apache-2.0 oslo.db>=4.44.0 # Apache-2.0
oslo.messaging>=5.36.0 # Apache-2.0 oslo.messaging>=5.36.0 # Apache-2.0
oslo.middleware>=3.35.0 # Apache-2.0 oslo.middleware>=3.35.0 # Apache-2.0
oslo.serialization>=2.25.0 # Apache-2.0 oslo.serialization>=2.25.0 # Apache-2.0
oslo.log>=3.44.0 # Apache-2.0 oslo.log>=3.44.0 # Apache-2.0
oslo.policy>=1.34.0 # Apache-2.0 oslo.policy>=3.6.0 # Apache-2.0
oslo.i18n>=3.20.0 # Apache-2.0 oslo.i18n>=3.20.0 # Apache-2.0
oslo.upgradecheck>=0.1.1 # Apache-2.0 oslo.upgradecheck>=1.3.0 # Apache-2.0
pecan>=1.2.1 # BSD pecan>=1.2.1 # BSD
PasteDeploy>=1.5.2 # MIT PasteDeploy>=1.5.2 # MIT
Werkzeug>=0.14.1 # BSD License Werkzeug>=0.14.1 # BSD License
@ -32,8 +32,8 @@ pysnmp>=4.4.4 # BSD
PyJWT>=1.6.0 # MIT PyJWT>=1.6.0 # MIT
osprofiler>=2.0.0 # Apache-2.0 osprofiler>=2.0.0 # Apache-2.0
keystoneauth1>=3.6.2 # Apache-2.0 keystoneauth1>=3.6.2 # Apache-2.0
PyYAML>=3.13 # MIT PyYAML>=5.1 # MIT
requests>=2.18.4 # Apache-2.0 requests>=2.20.0 # Apache-2.0
WebOb>=1.7.4 # MIT WebOb>=1.7.4 # MIT
eventlet!=0.20.1,>=0.20.0 # MIT eventlet!=0.20.1,>=0.20.0 # MIT
debtcollector>=1.19.0 # Apache-2.0 debtcollector>=1.19.0 # Apache-2.0

View File

@ -14,6 +14,7 @@ import oslo_messaging
from oslo_config import cfg from oslo_config import cfg
from oslo_context import context from oslo_context import context
from oslo_policy import opts
from oslo_policy import policy from oslo_policy import policy
from pecan import hooks from pecan import hooks
@ -25,6 +26,12 @@ from vitrage import storage
CONF = cfg.CONF CONF = cfg.CONF
# TODO(gmann): Remove setting the default value of config policy_file
# once oslo_policy change the default value to 'policy.yaml'.
# https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49
DEFAULT_POLICY_FILE = 'policy.yaml'
opts.set_defaults(CONF, DEFAULT_POLICY_FILE)
class ConfigHook(hooks.PecanHook): class ConfigHook(hooks.PecanHook):
"""Attach the configuration and policy enforcer object to the request. """ """Attach the configuration and policy enforcer object to the request. """

View File

@ -15,6 +15,7 @@
import sys import sys
from oslo_config import cfg from oslo_config import cfg
from oslo_upgradecheck import common_checks
from oslo_upgradecheck import upgradecheck from oslo_upgradecheck import upgradecheck
from vitrage.i18n import _ from vitrage.i18n import _
@ -30,17 +31,9 @@ class Checks(upgradecheck.UpgradeCommands):
and added to _upgrade_checks tuple. and added to _upgrade_checks tuple.
""" """
def _sample_check(self):
"""This is sample check added to test the upgrade check framework
It needs to be removed after adding any real upgrade check
"""
return upgradecheck.Result(upgradecheck.Code.SUCCESS, 'Sample detail')
_upgrade_checks = ( _upgrade_checks = (
# Sample check added for now. (_('policy File JSON to YAML Migration'),
# Whereas in future real checks must be added here in tuple (common_checks.check_policy_json, {'conf': CONF})),
(_('Sample Check'), _sample_check),
) )

View File

@ -24,7 +24,11 @@ class TestUpgradeChecks(base.BaseTest):
super(TestUpgradeChecks, self).setUp() super(TestUpgradeChecks, self).setUp()
self.cmd = status.Checks() self.cmd = status.Checks()
def test__sample_check(self): def test_checks(self):
check_result = self.cmd._sample_check() for name, func in self.cmd._upgrade_checks:
self.assertEqual( if isinstance(func, tuple):
Code.SUCCESS, check_result.code) func_name, kwargs = func
result = func_name(self, **kwargs)
else:
result = func(self)
self.assertEqual(Code.SUCCESS, result.code)